DAVACO Hit with Class Action Over June 2021 Data Breach
by Erin Shaak
Chacon v. DAVACO, Inc.
Filed: November 9, 2021 ◆§ 3:21-cv-02786
DAVACO faces a class action that claims the project management company failed to adequately safeguard employee information from unauthorized access.
DAVACO, Inc. faces a proposed class action that claims the project management company failed to adequately safeguard employee information from unauthorized access in the run up to a June 2021 data breach.
Per the lawsuit, DAVACO’s apparent failure to implement adequate data security and properly train employees to identify and protect against cyber threats allowed workers’ names, Social Security numbers and driver’s license or government-issued identification information to be accessed by unauthorized parties in a ransomware attack on or around June 11, 2021.
The case alleges affected employees, who reportedly received notice of the incident on or around July 2, have spent, and will continue to spend, “significant amounts of time and money” protecting against the consequences of the breach, including identity theft and fraud, given their private information “is now in the hands of thieves.”
According to the lawsuit, the defendant, a multi-site project management and deployment company that serves the retail, restaurant and hospitality industries, was first alerted to “suspicious activity” on its computer network on or around June 11. Per the complaint, DAVACO confirmed on June 15 that “unknown persons” had gained access to employees’ personal information through the company’s employee email accounts.
The suit argues that DAVACO failed to comply with Federal Trade Commission guidelines, industry standards and its own privacy policy representations regarding data security. Moreover, the lawsuit alleges the defendant’s apparent delay in identifying and reporting the incident to those affected caused additional harm by depriving victims of the opportunity to respond to and mitigate the effects of the incident.
The filing goes on to claim that DAVACO’s offer of 12 months of free identity protection services to employees whose Social Security numbers were compromised is “wholly inadequate” as victims of the breach may face multiple years of ongoing identity theft and fraud.
“The ramifications of Defendant’s failure to keep Plaintiff’ [sic] and Class Employees’ Sensitive Information secure are long lasting and severe,” the complaint scathes. “Once Sensitive Information is stolen, fraudulent use of that information and damage to victims may continue for years.”
The case, which was recently transferred to Texas federal court to be consolidated with a similar lawsuit, looks to represent anyone in California whose sensitive information stored or possessed by DAVACO was subject to the data breach announced by the company around July 2, 2021.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s newsletter here.
Video Game Addiction Lawsuits
If your child suffers from video game addiction — including Fortnite addiction or Roblox addiction — you may be able to take legal action. Gamers 18 to 22 may also qualify.
Learn more:Video Game Addiction Lawsuit
Depo-Provera Lawsuits
Anyone who received Depo-Provera or Depo-Provera SubQ injections and has been diagnosed with meningioma, a type of brain tumor, may be able to take legal action.
Read more: Depo-Provera Lawsuit
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.